Mike Harris

**Name of the Vulnerable Software and Affected Versions** Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress versions up to, and including, 1.4.3 **Description** The issue concerns information exposure through the Visitors List Export file. During export, a CSV file is created in the wp-content folder with a hardcoded filename that is publicly accessible. This allows unauthenticated attackers to extract data about event visitors, including first and last names, email, and phone number. **Recommendations** For versions up to, and including, 1.4.3, consider disabling the Visitors List Export feature until a patch is available to prevent unauthenticated access to sensitive visitor information. Restrict access to the wp-content folder to minimize the risk of exploitation. Avoid using the publicly accessible CSV file for sensitive data storage until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Goodlayers Core plugin for WordPress versions up to and including 2.0.7 **Description** The issue is related to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages through the `font-family` parameter. This can occur if an attacker tricks a user into performing an action, such as clicking on a link. **Recommendations** For versions up to and including 2.0.7, update to a version later than 2.0.7 to resolve the issue. As a temporary workaround, consider restricting access to the `font-family` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress versions up to, and including, 2.5.6 **Description** The issue is related to Stored Cross-Site Scripting via the form color parameters due to insufficient input sanitization and output escaping. This allows authenticated attackers with editor-level access to inject arbitrary web scripts in pages, which will execute when a user accesses an injected page. The issue specifically affects multi-site installations and installations where unfiltered html has been disabled. **Recommendations** For versions up to, and including, 2.5.6, update to a version later than 2.5.6 to resolve the issue. As a temporary workaround, consider restricting access to the form color parameters to minimize the risk of exploitation. Additionally, ensure proper input sanitization and output escaping for all user-inputted data.

**Name of the Vulnerable Software and Affected Versions** Folders Pro plugin for WordPress versions up to, and including, 3.0.2 **Description** The issue is related to Stored Cross-Site Scripting, which occurs due to insufficient input sanitization and output escaping of a user's `First Name` and `Last Name`. This allows authenticated attackers with subscriber-level access and above to inject arbitrary web scripts in pages. These scripts will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 3.0.2, update to a version that addresses the insufficient input sanitization and output escaping issue. As a temporary workaround, consider restricting access to editing user profiles to minimize the risk of exploitation. Additionally, restrict the ability to inject scripts via the `First Name` and `Last Name` fields until a patch is available.